Model-based Security Testing Using UMLsec A Case Study

被引:29
|
作者
Juerjens, Jan [1 ]
机构
[1] Open Univ, Comp Dept, Milton Keynes, Bucks, England
来源
ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE | 2008年 / 220卷 / 01期
关键词
Model-based Testing; UML; Security; UMLsec;
D O I
10.1016/j.entcs.2008.11.008
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
Designing and implementing security-critical systems correctly is very difficult. In practice, most vulnerabilities arise from bugs in implementations. We present work towards systematic specification-based testing of security-critical systems based on UMLsec models. We show how to systematically generate test sequences for security properties based on the model that can be used to test the implementation for vulnerabilities. We explain our method at the example of a part of the Common Electronic Purse Specifications (CEPS), a candidate for an international electronic purse standard.
引用
收藏
页码:93 / 104
页数:12
相关论文
共 50 条
  • [41] Model-based security engineering
    Juerjens, Jan
    SIGMAP 2006: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SIGNAL PROCESSING AND MULTIMEDIA APPLICATIONS, 2006, : IS23 - IS29
  • [42] Model-based security engineering
    Juerjens, Jan
    SECRYPT 2006: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2006, : IS23 - IS29
  • [43] Model-based cyber security
    Rasche, Galen
    Allwein, Erin
    Moore, Michael
    Abbott, Ben
    ECBS 2007: 14TH ANNUAL IEEE INTERNATIONAL CONFERENCE AND WORKSHOPS ON THE ENGINEERING OF COMPUTER-BASED SYSTEMS, PROCEEDINGS: RAISING EXPECTATIONS OF COMPUTER-BASES SYSTEMS, 2007, : 405 - 412
  • [44] Model-based security engineering
    Juerjens, Jan
    ICE-B 2006: Proceedings of the International Conference on e-Business, 2006, : IS23 - IS29
  • [45] Model-based security engineering
    Juerjens, Jan
    WINSYS 2006: Proceedings of the International Conference on Wireless Information Networks and Systems, 2006, : IS23 - IS29
  • [46] Model-based testing using UML activity diagrams: A systematic mapping study
    Ahmad, Tanwir
    Iqbal, Junaid
    Ashraf, Adnan
    Truscan, Dragos
    Porres, Ivan
    COMPUTER SCIENCE REVIEW, 2019, 33 : 98 - 112
  • [47] A Study on Test Automation of IVN of Intelligent Vehicle Using Model-based Testing
    Han, Kabsu
    Son, Insick
    Cho, Jeonghun
    2013 FIFTH INTERNATIONAL CONFERENCE ON UBIQUITOUS AND FUTURE NETWORKS (ICUFN), 2013, : 123 - 128
  • [48] Combinatorial testing and model-based testing
    Hierons, Robert M.
    Xie, Tao
    SOFTWARE TESTING VERIFICATION & RELIABILITY, 2022, 32 (02):
  • [49] Model-Based Mutation Testing Using Pushdown Automata
    Belli, Fevzi
    Beyazit, Mutlu
    Takagi, Tomohiko
    Furukawa, Zengo
    IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2012, E95D (09): : 2211 - 2218
  • [50] Using Model-Based Diagnosis to Improve Software Testing
    Zamir, Tom
    Stern, Roni
    Kalech, Meir
    PROCEEDINGS OF THE TWENTY-EIGHTH AAAI CONFERENCE ON ARTIFICIAL INTELLIGENCE, 2014, : 1135 - 1141
12345